Re: Derby DB Encryption

2019-07-24 Thread Oskar Zinger 
Thanks Peter!

Sent from my iPhone

> On Jul 24, 2019, at 10:37 PM, Peter Ondruška  wrote:
> 
> https://db.apache.org/derby/docs/10.14/security/cseccsecure88690.html
> The default encryption algorithm is DES.
> 
> You can specify an encryption provider and/or encryption algorithm other than 
> the defaults by using the encryptionProvider=providerName 
> andencryptionAlgorithm=algorithm attributes.
> 
> 
>> On Thu, 25 Jul 2019, 01:13 Oskar Z,  wrote:
>> Does anyone know what is the default encryption algorithm for the Derby DB 
>> encryption?
>> 
>> Thanks,
>> Oskar
>> 
>>> On Jul 24, 2019, at 6:14 PM, Oskar Z  wrote:
>>> 
>>> Looks like the database when being encrypted, must be the FIRST connection 
>>> to DB. If DB has existing connections before encryption, then it will not 
>>> work, and thus the passwords don’t matter.
>>> 
>>> If encryption is done as a first connection to DB, then the DB must be 
>>> shutdown, and then it seems to work, and the first call should have 
>>> bootPassword. That’s what I found.
>>> 
>>> Thanks for the help and pointers! It got me thinking :-)
>>> 
>>> Regards,
>>> Oskar
>>> 
>>>> On Jul 24, 2019, at 2:08 PM, Peter Ondruška  
>>>> wrote:
>>>> 
>>>> Well, you "boot" with bootPassword only once. After your database is 
>>>> opened you do not need to specify bootPassword anymore. Maybe even 
>>>> specifying incorrect bootPassword after database is already opened does 
>>>> not trigger any error and may seem misleading.
>>>> 
>>>> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger  wrote:
>>>>> I already have authentication working fine. I would like to also have 
>>>>> data encryption.
>>>>> 
>>>>> Can I have both authentication and data encryption in Derby?
>>>>> 
>>>>> Sent from my iPhone
>>>>> 
>>>>>> On Jul 24, 2019, at 11:37 AM, Peter Ondruška  
>>>>>> wrote:
>>>>>> 
>>>>>> Oskar, you mixed two distinct topics, encryption and authentication. You 
>>>>>> should also follow 
>>>>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html. 
>>>>>> Peter
>>>>>> 
>>>>>>> On Wed, 24 Jul 2019 at 16:27, Oskar Z  wrote:
>>>>>>> Hello - hope that someone has experience with Derby encryption.
>>>>>>> 
>>>>>>> I’ve been using this documentation:
>>>>>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>>>>>>> 
>>>>>>> I’m not sure what’s happening, I’ve encrypted the DB using 
>>>>>>> dataEncryption=true and provided bootPassword, at first I used the same 
>>>>>>> password as the Owner of DB, but then I used a different password. But 
>>>>>>> regardless, what ever password I specify or not specify as 
>>>>>>> bootPassword, the connection is made OK.
>>>>>>> 
>>>>>>> So to me, it looks as if the DB has not been really encrypted, even 
>>>>>>> though I’m not see any exceptions/errors in derby.log.
>>>>>>> 
>>>>>>> How can I tell for sure that DB encryption really happened?
>>>>>>> 
>>>>>>> Thanks for you help!
>>>>>>> 
>>>>>>> Kind regards,
>>>>>>> Oskar
>>>>>> 
>>>>>> kaibo, s.r.o., ID 28435036, registered with the commercial register 
>>>>>> administered by the Municipal Court in Prague, section C, file 141269.
>>>>>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>>>>>> https://kaibo.eu
>>>> 
>>>> kaibo, s.r.o., ID 28435036, registered with the commercial register 
>>>> administered by the Municipal Court in Prague, section C, file 141269.
>>>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>>>> https://kaibo.eu
>>> 
>> 
> 
> kaibo, s.r.o., ID 28435036, registered with the commercial register 
> administered by the Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu

Re: Derby DB Encryption

2019-07-24 Thread Peter Ondruška 
https://db.apache.org/derby/docs/10.14/security/cseccsecure88690.html

The default encryption algorithm is DES.

You can specify an encryption provider and/or encryption algorithm other
than the defaults by using the encryptionProvider=*providerName* and
encryptionAlgorithm=*algorithm* attributes.

On Thu, 25 Jul 2019, 01:13 Oskar Z,  wrote:

> Does anyone know what is the default encryption algorithm for the Derby DB
> encryption?
>
> Thanks,
> Oskar
>
> On Jul 24, 2019, at 6:14 PM, Oskar Z  wrote:
>
> Looks like the database when being encrypted, must be the FIRST connection
> to DB. If DB has existing connections before encryption, then it will not
> work, and thus the passwords don’t matter.
>
> If encryption is done as a first connection to DB, then the DB must be
> shutdown, and then it seems to work, and the first call should have
> bootPassword. That’s what I found.
>
> Thanks for the help and pointers! It got me thinking :-)
>
> Regards,
> Oskar
>
> On Jul 24, 2019, at 2:08 PM, Peter Ondruška 
> wrote:
>
> Well, you "boot" with bootPassword only once. After your database is
> opened you do not need to specify bootPassword anymore. Maybe even
> specifying incorrect bootPassword after database is already opened does not
> trigger any error and may seem misleading.
>
> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger  wrote:
>
>> I already have authentication working fine. I would like to also have
>> data encryption.
>>
>> Can I have both authentication and data encryption in Derby?
>>
>> Sent from my iPhone
>>
>> On Jul 24, 2019, at 11:37 AM, Peter Ondruška 
>> wrote:
>>
>> Oskar, you mixed two distinct topics, encryption and authentication. You
>> should also follow
>> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html.
>> Peter
>>
>> On Wed, 24 Jul 2019 at 16:27, Oskar Z  wrote:
>>
>>> Hello - hope that someone has experience with Derby encryption.
>>>
>>> I’ve been using this documentation:
>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>>>
>>> I’m not sure what’s happening, I’ve encrypted the DB using
>>> dataEncryption=true and provided bootPassword, at first I used the same
>>> password as the Owner of DB, but then I used a different password. But
>>> regardless, what ever password I specify or not specify as bootPassword,
>>> the connection is made OK.
>>>
>>> So to me, it looks as if the DB has not been really encrypted, even
>>> though I’m not see any exceptions/errors in derby.log.
>>>
>>> How can I tell for sure that DB encryption really happened?
>>>
>>> Thanks for you help!
>>>
>>> Kind regards,
>>> Oskar
>>>
>>
>> kaibo, s.r.o., ID 28435036, registered with the commercial register
>> administered by the Municipal Court in Prague, section C, file 141269.
>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>> https://kaibo.eu
>>
>>
> kaibo, s.r.o., ID 28435036, registered with the commercial register
> administered by the Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu
>
>
>
>

-- 
kaibo, s.r.o., ID 28435036, registered with the commercial register 
administered by the Municipal Court in Prague, section C, file 141269.

Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.

https://kaibo.eu <https://kaibo.eu>

Re: Derby DB Encryption

2019-07-24 Thread Oskar Z 
Does anyone know what is the default encryption algorithm for the Derby DB 
encryption?

Thanks,
Oskar

> On Jul 24, 2019, at 6:14 PM, Oskar Z  wrote:
> 
> Looks like the database when being encrypted, must be the FIRST connection to 
> DB. If DB has existing connections before encryption, then it will not work, 
> and thus the passwords don’t matter.
> 
> If encryption is done as a first connection to DB, then the DB must be 
> shutdown, and then it seems to work, and the first call should have 
> bootPassword. That’s what I found.
> 
> Thanks for the help and pointers! It got me thinking :-)
> 
> Regards,
> Oskar
> 
>> On Jul 24, 2019, at 2:08 PM, Peter Ondruška > <mailto:peter.ondru...@kaibo.eu>> wrote:
>> 
>> Well, you "boot" with bootPassword only once. After your database is opened 
>> you do not need to specify bootPassword anymore. Maybe even specifying 
>> incorrect bootPassword after database is already opened does not trigger any 
>> error and may seem misleading.
>> 
>> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger > <mailto:oska...@yahoo.com>> wrote:
>> I already have authentication working fine. I would like to also have data 
>> encryption.
>> 
>> Can I have both authentication and data encryption in Derby?
>> 
>> Sent from my iPhone
>> 
>> On Jul 24, 2019, at 11:37 AM, Peter Ondruška > <mailto:peter.ondru...@kaibo.eu>> wrote:
>> 
>>> Oskar, you mixed two distinct topics, encryption and authentication. You 
>>> should also follow 
>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html 
>>> <https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html>. 
>>> Peter
>>> 
>>> On Wed, 24 Jul 2019 at 16:27, Oskar Z >> <mailto:oska...@yahoo.com>> wrote:
>>> Hello - hope that someone has experience with Derby encryption.
>>> 
>>> I’ve been using this documentation:
>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html 
>>> <https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html>
>>> 
>>> I’m not sure what’s happening, I’ve encrypted the DB using 
>>> dataEncryption=true and provided bootPassword, at first I used the same 
>>> password as the Owner of DB, but then I used a different password. But 
>>> regardless, what ever password I specify or not specify as bootPassword, 
>>> the connection is made OK.
>>> 
>>> So to me, it looks as if the DB has not been really encrypted, even though 
>>> I’m not see any exceptions/errors in derby.log.
>>> 
>>> How can I tell for sure that DB encryption really happened?
>>> 
>>> Thanks for you help!
>>> 
>>> Kind regards,
>>> Oskar
>>> 
>>> kaibo, s.r.o., ID 28435036, registered with the commercial register 
>>> administered by the Municipal Court in Prague, section C, file 141269.
>>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>>> https://kaibo.eu <https://kaibo.eu/>
>> 
>> kaibo, s.r.o., ID 28435036, registered with the commercial register 
>> administered by the Municipal Court in Prague, section C, file 141269.
>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>> https://kaibo.eu <https://kaibo.eu/>
>

Re: Derby DB Encryption

2019-07-24 Thread Oskar Z 
Looks like the database when being encrypted, must be the FIRST connection to 
DB. If DB has existing connections before encryption, then it will not work, 
and thus the passwords don’t matter.

If encryption is done as a first connection to DB, then the DB must be 
shutdown, and then it seems to work, and the first call should have 
bootPassword. That’s what I found.

Thanks for the help and pointers! It got me thinking :-)

Regards,
Oskar

> On Jul 24, 2019, at 2:08 PM, Peter Ondruška  wrote:
> 
> Well, you "boot" with bootPassword only once. After your database is opened 
> you do not need to specify bootPassword anymore. Maybe even specifying 
> incorrect bootPassword after database is already opened does not trigger any 
> error and may seem misleading.
> 
> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger  > wrote:
> I already have authentication working fine. I would like to also have data 
> encryption.
> 
> Can I have both authentication and data encryption in Derby?
> 
> Sent from my iPhone
> 
> On Jul 24, 2019, at 11:37 AM, Peter Ondruška  > wrote:
> 
>> Oskar, you mixed two distinct topics, encryption and authentication. You 
>> should also follow 
>> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html 
>> . 
>> Peter
>> 
>> On Wed, 24 Jul 2019 at 16:27, Oskar Z > > wrote:
>> Hello - hope that someone has experience with Derby encryption.
>> 
>> I’ve been using this documentation:
>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html 
>> 
>> 
>> I’m not sure what’s happening, I’ve encrypted the DB using 
>> dataEncryption=true and provided bootPassword, at first I used the same 
>> password as the Owner of DB, but then I used a different password. But 
>> regardless, what ever password I specify or not specify as bootPassword, the 
>> connection is made OK.
>> 
>> So to me, it looks as if the DB has not been really encrypted, even though 
>> I’m not see any exceptions/errors in derby.log.
>> 
>> How can I tell for sure that DB encryption really happened?
>> 
>> Thanks for you help!
>> 
>> Kind regards,
>> Oskar
>> 
>> kaibo, s.r.o., ID 28435036, registered with the commercial register 
>> administered by the Municipal Court in Prague, section C, file 141269.
>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>> https://kaibo.eu 
> 
> kaibo, s.r.o., ID 28435036, registered with the commercial register 
> administered by the Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu

Re: Derby DB Encryption

2019-07-24 Thread Peter Ondruška 
Well, you "boot" with bootPassword only once. After your database is opened
you do not need to specify bootPassword anymore. Maybe even specifying
incorrect bootPassword after database is already opened does not trigger
any error and may seem misleading.

On Wed, 24 Jul 2019 at 19:47, Oskar Zinger  wrote:

> I already have authentication working fine. I would like to also have data
> encryption.
>
> Can I have both authentication and data encryption in Derby?
>
> Sent from my iPhone
>
> On Jul 24, 2019, at 11:37 AM, Peter Ondruška 
> wrote:
>
> Oskar, you mixed two distinct topics, encryption and authentication. You
> should also follow
> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html.
> Peter
>
> On Wed, 24 Jul 2019 at 16:27, Oskar Z  wrote:
>
>> Hello - hope that someone has experience with Derby encryption.
>>
>> I’ve been using this documentation:
>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>>
>> I’m not sure what’s happening, I’ve encrypted the DB using
>> dataEncryption=true and provided bootPassword, at first I used the same
>> password as the Owner of DB, but then I used a different password. But
>> regardless, what ever password I specify or not specify as bootPassword,
>> the connection is made OK.
>>
>> So to me, it looks as if the DB has not been really encrypted, even
>> though I’m not see any exceptions/errors in derby.log.
>>
>> How can I tell for sure that DB encryption really happened?
>>
>> Thanks for you help!
>>
>> Kind regards,
>> Oskar
>>
>
> kaibo, s.r.o., ID 28435036, registered with the commercial register
> administered by the Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu
>
>

-- 
kaibo, s.r.o., ID 28435036, registered with the commercial register 
administered by the Municipal Court in Prague, section C, file 141269.

Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.

https://kaibo.eu

Re: Derby DB Encryption

2019-07-24 Thread Oskar Zinger 
I already have authentication working fine. I would like to also have data 
encryption.

Can I have both authentication and data encryption in Derby?

Sent from my iPhone

> On Jul 24, 2019, at 11:37 AM, Peter Ondruška  wrote:
> 
> Oskar, you mixed two distinct topics, encryption and authentication. You 
> should also follow 
> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html. Peter
> 
>> On Wed, 24 Jul 2019 at 16:27, Oskar Z  wrote:
>> Hello - hope that someone has experience with Derby encryption.
>> 
>> I’ve been using this documentation:
>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>> 
>> I’m not sure what’s happening, I’ve encrypted the DB using 
>> dataEncryption=true and provided bootPassword, at first I used the same 
>> password as the Owner of DB, but then I used a different password. But 
>> regardless, what ever password I specify or not specify as bootPassword, the 
>> connection is made OK.
>> 
>> So to me, it looks as if the DB has not been really encrypted, even though 
>> I’m not see any exceptions/errors in derby.log.
>> 
>> How can I tell for sure that DB encryption really happened?
>> 
>> Thanks for you help!
>> 
>> Kind regards,
>> Oskar
> 
> kaibo, s.r.o., ID 28435036, registered with the commercial register 
> administered by the Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu

Re: Derby DB Encryption

2019-07-24 Thread Peter Ondruška 
Oskar, you mixed two distinct topics, encryption and authentication. You
should also follow
https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html. Peter

On Wed, 24 Jul 2019 at 16:27, Oskar Z  wrote:

> Hello - hope that someone has experience with Derby encryption.
>
> I’ve been using this documentation:
> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>
> I’m not sure what’s happening, I’ve encrypted the DB using
> dataEncryption=true and provided bootPassword, at first I used the same
> password as the Owner of DB, but then I used a different password. But
> regardless, what ever password I specify or not specify as bootPassword,
> the connection is made OK.
>
> So to me, it looks as if the DB has not been really encrypted, even though
> I’m not see any exceptions/errors in derby.log.
>
> How can I tell for sure that DB encryption really happened?
>
> Thanks for you help!
>
> Kind regards,
> Oskar
>

-- 
kaibo, s.r.o., ID 28435036, registered with the commercial register 
administered by the Municipal Court in Prague, section C, file 141269.

Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.

https://kaibo.eu

Derby DB Encryption

2019-07-24 Thread Oskar Z 
Hello - hope that someone has experience with Derby encryption.

I’ve been using this documentation:
https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html 


I’m not sure what’s happening, I’ve encrypted the DB using dataEncryption=true 
and provided bootPassword, at first I used the same password as the Owner of 
DB, but then I used a different password. But regardless, what ever password I 
specify or not specify as bootPassword, the connection is made OK.

So to me, it looks as if the DB has not been really encrypted, even though I’m 
not see any exceptions/errors in derby.log.

How can I tell for sure that DB encryption really happened?

Thanks for you help!

Kind regards,
Oskar